1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
|
#!/bin/sh
#
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
#
# -*- mode: shell-script; -*-
# $Id$
# This script simplifies preparation of environment for Subversion client
# communicating with a server via DAV protocol. The prerequisites of such
# testing are:
# - Subversion built using --enable-shared --with-apxs options,
# - Working Apache 2 HTTPD Server with the apxs program reachable through
# PATH or specified via the APXS Makefile variable or environment variable,
# - Modules dav_module and log_config_module compiled as DSO or built into
# Apache HTTPD Server executable.
# The basic intension of this script is to be able to perform "make check"
# operation over DAV without any configuration efforts whatsoever, provided
# that conditions above are met.
#
# The script will find Apache and all necessary modules including mod_dav_svn,
# create a temporary directory in subversion/tests/cmdline, create
# Apache 2 configuration file in this directory, start Apache 2 on a random
# port number higher than 1024, and execute Subversion command-line client
# test suites against this instance of HTTPD. Every vital configuration
# parameter is checked before the tests start. The script will ask questions
# about browsing Apache error log (default is "no") and about deleting
# temporary directory (default "yes") and pause for 32 seconds before
# proceeding with the default. HTTPD access log is also created in the
# temporary directory.
#
# Run this script without parameters to execute the full battery of tests:
# subversion/tests/cmdline/davautocheck.sh
# Run this script with the name of a test suite to run this suite:
# subversion/tests/cmdline/davautocheck.sh basic
# Run this script with the test suite name and test number to execute just this
# test:
# subversion/tests/cmdline/davautocheck.sh basic 4
#
# If the temporary directory is not deleted, it can be reused for further
# manual DAV protocol interoperation testing. HTTPD must be started by
# specifying configuration file on the command line:
# httpd -f subversion/tests/cmdline/<httpd-...>/cfg
#
# If you want to run this against an *installed* HTTPD (for example, to test
# one version's client against another version's server) specify both APXS
# *and* MODULE_PATH for the other server:
#
# APXS=/opt/svn/1.4.x/bin/apxs MODULE_PATH=/opt/svn/1.4.x/modules \
# subversion/tests/cmdline/davautocheck.sh
#
# To prevent the server from advertising httpv2, pass USE_HTTPV1 in
# the environment.
#
# To enable "SVNCacheRevProps on" set CACHE_REVPROPS in the environment.
#
# To test over https set USE_SSL in the environment.
#
# To use value for "SVNPathAuthz" directive set SVN_PATH_AUTHZ with
# appropriate value in the environment.
#
# To load an MPM module for Apache 2.4 use APACHE_MPM=event in the
# environment.
#
# Passing --no-tests as argv[1] will have the script start a server
# but not run any tests. Passing --gdb will do the same, and in addition
# spawn gdb in the foreground attached to the running server.
PYTHON=${PYTHON:-python}
SCRIPTDIR=$(dirname $0)
SCRIPT=$(basename $0)
STOPSCRIPT=$SCRIPTDIR/.$SCRIPT.stop
trap stop_httpd_and_die HUP TERM INT
# Ensure the server uses a known locale.
LC_ALL=C
export LC_ALL
stop_httpd_and_die() {
[ -e "$HTTPD_PID" ] && kill $(cat "$HTTPD_PID")
echo "HTTPD stopped."
exit 1
}
say() {
echo "$SCRIPT: $*"
}
fail() {
say $*
stop_httpd_and_die
}
query() {
printf "%s" "$SCRIPT: $1 (y/n)? [$2] "
if [ -n "$BASH_VERSION" ]; then
read -n 1 -t 32
else
#
prog="
import select as s
import sys
import tty, termios
tty.setcbreak(sys.stdin.fileno(), termios.TCSANOW)
if s.select([sys.stdin.fileno()], [], [], 32)[0]:
sys.stdout.write(sys.stdin.read(1))
"
stty_state=`stty -g`
REPLY=`$PYTHON -u -c "$prog" "$@"`
stty $stty_state
fi
echo
[ "${REPLY:-$2}" = 'y' ]
}
get_loadmodule_config() {
local SO="$($APXS -q LIBEXECDIR)/$1.so"
# shared object module?
if [ -r "$SO" ]; then
local NM=$(echo "$1" | sed 's|mod_\(.*\)|\1_module|')
echo "LoadModule $NM \"$SO\"" &&
return
fi
# maybe it's built-in?
"$HTTPD" -l | grep "$1\\.c" >/dev/null && return
return 1
}
# Check apxs's SBINDIR and BINDIR for given program names
get_prog_name() {
for prog in $*
do
for dir in $($APXS -q SBINDIR) $($APXS -q BINDIR)
do
if [ -e "$dir/$prog" ]; then
echo "$dir/$prog" && return
fi
done
done
return 1
}
# Don't assume sbin is in the PATH.
# ### Presumably this is used to locate /usr/sbin/apxs or /usr/sbin/apache2
PATH="$PATH:/usr/sbin:/usr/local/sbin"
# Find the source and build directories. The build dir can be found if it is
# the current working dir or the source dir.
ABS_SRCDIR=$(cd ${SCRIPTDIR}/../../../; pwd)
if [ -x subversion/svn/svn ]; then
ABS_BUILDDIR=$(pwd)
elif [ -x $ABS_SRCDIR/subversion/svn/svn ]; then
ABS_BUILDDIR=$ABS_SRCDIR
else
fail "Run this script from the root of Subversion's build tree!"
fi
# Remove any proxy environmental variables that affect wget or curl.
# We don't need a proxy to connect to localhost and having the proxy
# environmental variables set breaks the Apache configuration file
# test below, since wget or curl will ask the proxy to connect to
# localhost.
unset PROXY
unset http_proxy
unset HTTPS_PROXY
# Pick up value from environment or PATH (also try apxs2 - for Debian)
if [ ${APXS:+set} ]; then
:
elif APXS=$(grep '^APXS' $ABS_BUILDDIR/Makefile | sed 's/^APXS *= *//') && \
[ -n "$APXS" ]; then
:
elif APXS=$(which apxs); then
:
elif APXS=$(which apxs2); then
:
else
fail "neither apxs or apxs2 found - required to run davautocheck"
fi
[ -x $APXS ] || fail "Can't execute apxs executable $APXS"
say "Using '$APXS'..."
# Pick up $USE_HTTPV1
ADVERTISE_V2_PROTOCOL=on
if [ ${USE_HTTPV1:+set} ]; then
ADVERTISE_V2_PROTOCOL=off
fi
# Pick up $SVN_PATH_AUTHZ
SVN_PATH_AUTHZ_LINE=""
if [ ${SVN_PATH_AUTHZ:+set} ]; then
SVN_PATH_AUTHZ_LINE="SVNPathAuthz ${SVN_PATH_AUTHZ}"
fi
CACHE_REVPROPS_SETTING=off
if [ ${CACHE_REVPROPS:+set} ]; then
CACHE_REVPROPS_SETTING=on
fi
if [ ${MODULE_PATH:+set} ]; then
MOD_DAV_SVN="$MODULE_PATH/mod_dav_svn.so"
MOD_AUTHZ_SVN="$MODULE_PATH/mod_authz_svn.so"
MOD_DONTDOTHAT="$MODULE_PATH/mod_dontdothat.so"
else
MOD_DAV_SVN="$ABS_BUILDDIR/subversion/mod_dav_svn/.libs/mod_dav_svn.so"
MOD_AUTHZ_SVN="$ABS_BUILDDIR/subversion/mod_authz_svn/.libs/mod_authz_svn.so"
MOD_DONTDOTHAT="$ABS_BUILDDIR/tools/server-side/mod_dontdothat/.libs/mod_dontdothat.so"
fi
[ -r "$MOD_DAV_SVN" ] \
|| fail "dav_svn_module not found, please use '--enable-shared --with-apxs' with your 'configure' script"
[ -r "$MOD_AUTHZ_SVN" ] \
|| fail "authz_svn_module not found, please use '--enable-shared --with-apxs' with your 'configure' script"
[ -r "$MOD_DONTDOTHAT" ] \
|| fail "dontdothat_module not found, please use '--enable-shared --with-apxs' with your 'configure' script"
for d in "$ABS_BUILDDIR"/subversion/*/.libs; do
if [ -z "$BUILDDIR_LIBRARY_PATH" ]; then
BUILDDIR_LIBRARY_PATH="$d"
else
BUILDDIR_LIBRARY_PATH="$BUILDDIR_LIBRARY_PATH:$d"
fi
done
case "`uname`" in
Darwin*)
DYLD_LIBRARY_PATH="$BUILDDIR_LIBRARY_PATH:$DYLD_LIBRARY_PATH"
export DYLD_LIBRARY_PATH
;;
*)
LD_LIBRARY_PATH="$BUILDDIR_LIBRARY_PATH:$LD_LIBRARY_PATH"
export LD_LIBRARY_PATH
;;
esac
httpd="$($APXS -q PROGNAME)"
HTTPD=$(get_prog_name $httpd) || fail "HTTPD '$HTTPD' not found"
[ -x $HTTPD ] || fail "HTTPD '$HTTPD' not executable"
"$HTTPD" -v 1>/dev/null 2>&1 \
|| fail "HTTPD '$HTTPD' doesn't start properly"
HTPASSWD=$(get_prog_name htpasswd htpasswd2) \
|| fail "Could not find htpasswd or htpasswd2"
[ -x $HTPASSWD ] \
|| fail "HTPASSWD '$HTPASSWD' not executable"
say "Using '$HTPASSWD'..."
LOAD_MOD_DAV=$(get_loadmodule_config mod_dav) \
|| fail "DAV module not found"
LOAD_MOD_LOG_CONFIG=$(get_loadmodule_config mod_log_config) \
|| fail "log_config module not found"
# needed for TypesConfig
LOAD_MOD_MIME=$(get_loadmodule_config mod_mime) \
|| fail "MIME module not found"
LOAD_MOD_ALIAS=$(get_loadmodule_config mod_alias) \
|| fail "ALIAS module not found"
# needed for Auth*, Require, etc. directives
LOAD_MOD_AUTH=$(get_loadmodule_config mod_auth) \
|| {
say "Monolithic Auth module not found. Assuming we run against Apache 2.1+"
LOAD_MOD_AUTH="$(get_loadmodule_config mod_auth_basic)" \
|| fail "Auth_Basic module not found."
LOAD_MOD_ACCESS_COMPAT="$(get_loadmodule_config mod_access_compat)" \
&& {
say "Found modules for Apache 2.3.0+"
LOAD_MOD_AUTHN_CORE="$(get_loadmodule_config mod_authn_core)" \
|| fail "Authn_Core module not found."
LOAD_MOD_AUTHZ_CORE="$(get_loadmodule_config mod_authz_core)" \
|| fail "Authz_Core module not found."
LOAD_MOD_UNIXD=$(get_loadmodule_config mod_unixd) \
|| fail "UnixD module not found"
}
LOAD_MOD_AUTHN_FILE="$(get_loadmodule_config mod_authn_file)" \
|| fail "Authn_File module not found."
LOAD_MOD_AUTHZ_USER="$(get_loadmodule_config mod_authz_user)" \
|| fail "Authz_User module not found."
LOAD_MOD_AUTHZ_GROUPFILE="$(get_loadmodule_config mod_authz_groupfile)" \
|| fail "Authz_GroupFile module not found."
LOAD_MOD_AUTHZ_HOST="$(get_loadmodule_config mod_authz_host)" \
|| fail "Authz_Host module not found."
}
if [ ${APACHE_MPM:+set} ]; then
LOAD_MOD_MPM=$(get_loadmodule_config mod_mpm_$APACHE_MPM) \
|| fail "MPM module not found"
fi
if [ ${USE_SSL:+set} ]; then
LOAD_MOD_SSL=$(get_loadmodule_config mod_ssl) \
|| fail "SSL module not found"
fi
# Stop any previous instances, os we can re-use the port.
if [ -x $STOPSCRIPT ]; then $STOPSCRIPT ; sleep 1; fi
HTTPD_PORT=3691
while netstat -an | grep $HTTPD_PORT | grep 'LISTEN' >/dev/null; do
HTTPD_PORT=$(( HTTPD_PORT + 1 ))
if [ $HTTPD_PORT -eq 65536 ]; then
# Most likely the loop condition is true regardless of $HTTPD_PORT
fail "netstat claims you have no free ports for httpd to listen on."
fi
done
HTTPD_ROOT="$ABS_BUILDDIR/subversion/tests/cmdline/httpd-$(date '+%Y%m%d-%H%M%S')"
HTTPD_CFG="$HTTPD_ROOT/cfg"
HTTPD_PID="$HTTPD_ROOT/pid"
HTTPD_ACCESS_LOG="$HTTPD_ROOT/access_log"
HTTPD_ERROR_LOG="$HTTPD_ROOT/error_log"
HTTPD_MIME_TYPES="$HTTPD_ROOT/mime.types"
HTTPD_DONTDOTHAT="$HTTPD_ROOT/dontdothat"
if [ -z "$BASE_URL" ]; then
BASE_URL="http://localhost:$HTTPD_PORT"
else
# Specify the public name of the host when using a proxy on another host, the
# port number will be appended.
BASE_URL="$BASE_URL:$HTTPD_PORT"
fi
HTTPD_USERS="$HTTPD_ROOT/users"
HTTPD_GROUPS="$HTTPD_ROOT/groups"
mkdir "$HTTPD_ROOT" \
|| fail "couldn't create temporary directory '$HTTPD_ROOT'"
say "Using directory '$HTTPD_ROOT'..."
if [ ${USE_SSL:+set} ]; then
say "Setting up SSL"
BASE_URL="https://localhost:$HTTPD_PORT"
# A self-signed certifcate for localhost that expires after 2039-12-30
# generated via:
# openssl req -new -x509 -nodes -days 10000 -out cert.pem -keyout cert-key.pem
# This is embedded, rather than generated on-the-fly, to avoid consuming
# system entropy.
SSL_CERTIFICATE_FILE="$HTTPD_ROOT/cert.pem"
cat > "$SSL_CERTIFICATE_FILE" <<__EOF__
-----BEGIN CERTIFICATE-----
MIIC7zCCAligAwIBAgIJALP1pLDiJRtuMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xMjA4MTMxNDA5
MDRaFw0zOTEyMzAxNDA5MDRaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21l
LVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
BAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9kBx6trU
WQnFNDrW+dU159zEbSWGts3ScITIMTLE4EclMh50SP2BnJDnetkNO8JhPXOm4KZi
XdJugWAk0NmpawhAk3xVxHh5N8wwyPk3IMx7+Yu+sgcsd0Dj9YK1fIazgTUp/Dsk
VGJvqu+kgNYxPvzWi/OsBLW/ZNp+spTzoAcCAwEAAaOBvjCBuzAdBgNVHQ4EFgQU
f7OIDackB7zzPm10aiQgq9WzRdQwgYsGA1UdIwSBgzCBgIAUf7OIDackB7zzPm10
aiQgq9WzRdShXaRbMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRl
MSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMTCWxv
Y2FsaG9zdIIJALP1pLDiJRtuMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
gYEAD2rdgeVYCSEeseEfFCTNte//rDsT3coO9SbGOpmlCJ5TfbmXjs2YaQZH7NST
mla3hw2Bf9ppTUw1ZWvOVgD3mpxAbYNBA/4HaxmK4GlS2kZsKiMr0xgcVGjmEIW/
HS9q+PHwStDKNSyYc1+m+bUmeRGUKLgC4kuBF7JDK8A2WYc=
-----END CERTIFICATE-----
__EOF__
SSL_CERTIFICATE_KEY_FILE="$HTTPD_ROOT/cert-key.pem"
cat > "$SSL_CERTIFICATE_KEY_FILE" <<__EOF__
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQD2QHHq2tRZCcU0Otb51TXn3MRtJYa2zdJwhMgxMsTgRyUyHnRI
/YGckOd62Q07wmE9c6bgpmJd0m6BYCTQ2alrCECTfFXEeHk3zDDI+TcgzHv5i76y
Byx3QOP1grV8hrOBNSn8OyRUYm+q76SA1jE+/NaL86wEtb9k2n6ylPOgBwIDAQAB
AoGBAJBzhV+rNl10qcXVrj2noJN+oYsVNE0Pt55hhb22dl7J3TvlOXmHm/xn1CHw
KR8hC0GtEfs+Hv3CbyhdabtJs2L7QxO5VjgLO+onBmAOw1iPF9DjbMcAlFJnoOWI
HYwANOWGp2jRxL5cHUfrBVCgUISen3VUZEnQkr4n/Zty/QEBAkEA/XIZ3oh5MiFA
o4IaFaFQpBc6K/e6fnM0217scaPvfZiYS1k9Fx/UQTAGsxJOnhnsi04WgHPMS5wB
RP4/PiIGIQJBAPi7yIKKS4E8hWBZL+79TI8Zm2uehGCB8V6m9k7e3I82To9Tgcow
qZHsAPtN50fg85I94L3REg2FSQlDlzbMkScCQQC2pweLv/EQNrS94eJomkRirban
vzYxMVfzjRp737iWXGXNT7feNXsjq7f4UAZGnMpDrvg6hLnD999WWKE9ZwnhAkBl
c9p9/EB9zxyrxtT5StGuUIiHJdnirz2vGLTASMB3nXP/m9UFjkGr5jIkTos2Uzel
/50qbxtI7oNyxuHnlRrjAkASfQ51kaBcABYRiacesQi94W/kE3MkgHWkCXNb6//u
gxk/ezALZ8neJzJudzRkX3auGwH1ne9vCM1ED5dkM54H
-----END RSA PRIVATE KEY-----
__EOF__
SSL_MAKE_VAR="SSL_CERT=$SSL_CERTIFICATE_FILE"
SSL_TEST_ARG="--ssl-cert $SSL_CERTIFICATE_FILE"
fi
say "Adding users for lock authentication"
$HTPASSWD -bc $HTTPD_USERS jrandom rayjandom
$HTPASSWD -b $HTTPD_USERS jconstant rayjandom
$HTPASSWD -b $HTTPD_USERS __dumpster__ __loadster__
$HTPASSWD -b $HTTPD_USERS JRANDOM rayjandom
$HTPASSWD -b $HTTPD_USERS JCONSTANT rayjandom
say "Adding groups for mod_authz_svn tests"
cat > "$HTTPD_GROUPS" <<__EOF__
random: jrandom
constant: jconstant
__EOF__
touch $HTTPD_MIME_TYPES
cat > "$HTTPD_DONTDOTHAT" <<__EOF__
[recursive-actions]
/ = deny
__EOF__
cat > "$HTTPD_CFG" <<__EOF__
$LOAD_MOD_MPM
$LOAD_MOD_SSL
$LOAD_MOD_LOG_CONFIG
$LOAD_MOD_MIME
$LOAD_MOD_ALIAS
$LOAD_MOD_UNIXD
$LOAD_MOD_DAV
LoadModule dav_svn_module "$MOD_DAV_SVN"
$LOAD_MOD_AUTH
$LOAD_MOD_AUTHN_CORE
$LOAD_MOD_AUTHN_FILE
$LOAD_MOD_AUTHZ_CORE
$LOAD_MOD_AUTHZ_USER
$LOAD_MOD_AUTHZ_GROUPFILE
$LOAD_MOD_AUTHZ_HOST
$LOAD_MOD_ACCESS_COMPAT
LoadModule authz_svn_module "$MOD_AUTHZ_SVN"
LoadModule dontdothat_module "$MOD_DONTDOTHAT"
__EOF__
if "$HTTPD" -v | grep '/2\.[012]' >/dev/null; then
cat >> "$HTTPD_CFG" <<__EOF__
LockFile lock
User $(id -un)
Group $(id -gn)
__EOF__
else
HTTPD_LOCK="$HTTPD_ROOT/lock"
mkdir "$HTTPD_LOCK" \
|| fail "couldn't create lock directory '$HTTPD_LOCK'"
cat >> "$HTTPD_CFG" <<__EOF__
# worker and prefork MUST have a mpm-accept lockfile in 2.3.0+
<IfModule worker.c>
Mutex "file:$HTTPD_LOCK" mpm-accept
</IfModule>
<IfModule prefork.c>
Mutex "file:$HTTPD_LOCK" mpm-accept
</IfModule>
__EOF__
fi
if [ ${USE_SSL:+set} ]; then
cat >> "$HTTPD_CFG" <<__EOF__
SSLEngine on
SSLCertificateFile $SSL_CERTIFICATE_FILE
SSLCertificateKeyFile $SSL_CERTIFICATE_KEY_FILE
__EOF__
fi
cat >> "$HTTPD_CFG" <<__EOF__
Listen $HTTPD_PORT
ServerName localhost
PidFile "$HTTPD_PID"
LogFormat "%h %l %u %t \"%r\" %>s %b \"%f\"" common
CustomLog "$HTTPD_ACCESS_LOG" common
ErrorLog "$HTTPD_ERROR_LOG"
LogLevel debug
ServerRoot "$HTTPD_ROOT"
DocumentRoot "$HTTPD_ROOT"
ScoreBoardFile "$HTTPD_ROOT/run"
CoreDumpDirectory "$HTTPD_ROOT"
TypesConfig "$HTTPD_MIME_TYPES"
StartServers 4
MaxRequestsPerChild 0
<IfModule worker.c>
ThreadsPerChild 8
</IfModule>
<IfModule event.c>
ThreadsPerChild 8
</IfModule>
MaxClients 32
HostNameLookups Off
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" format
CustomLog "$HTTPD_ROOT/req" format
CustomLog "$HTTPD_ROOT/ops" "%t %u %{SVN-REPOS-NAME}e %{SVN-ACTION}e" env=SVN-ACTION
<Directory />
AllowOverride none
</Directory>
<Directory "$HTTPD_ROOT">
AllowOverride none
#Require all granted
</Directory>
<Location /svn-test-work/repositories>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/repositories"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /ddt-test-work/repositories>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/repositories"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
${SVN_PATH_AUTHZ_LINE}
DontDoThatConfigFile "$HTTPD_DONTDOTHAT"
</Location>
<Location /svn-test-work/local_tmp/repos>
DAV svn
SVNPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp/repos"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/anon>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
# This may seem unnecessary but granting access to everyone here is necessary
# to exercise a bug with httpd 2.3.x+. The "Require all granted" syntax is
# new to 2.3.x+ which we can detect with the mod_authz_core.c module
# signature. Use the "Allow from all" syntax with older versions for symmetry.
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Allow from all
</IfMOdule>
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/mixed>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
Satisfy Any
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/mixed-noauthwhenanon>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
AuthzSVNNoAuthWhenAnonymousAllowed On
SVNPathAuthz On
</Location>
<Location /authz-test-work/authn>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/authn-anonoff>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
AuthzSVNAnonymous Off
SVNPathAuthz On
</Location>
<Location /authz-test-work/authn-lcuser>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
AuthzForceUsernameCase Lower
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/authn-lcuser>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
Require valid-user
AuthzForceUsernameCase Lower
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/authn-group>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
AuthGroupFile $HTTPD_GROUPS
Require group random
AuthzSVNAuthoritative Off
SVNPathAuthz On
</Location>
<IfModule mod_authz_core.c>
<Location /authz-test-work/sallrany>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
AuthzSendForbiddenOnFailure On
Satisfy All
<RequireAny>
Require valid-user
Require expr req('ALLOW') == '1'
</RequireAny>
${SVN_PATH_AUTHZ_LINE}
</Location>
<Location /authz-test-work/sallrall>
DAV svn
SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
AuthzSVNAccessFile "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz"
SVNAdvertiseV2Protocol ${ADVERTISE_V2_PROTOCOL}
SVNCacheRevProps ${CACHE_REVPROPS_SETTING}
SVNListParentPath On
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile $HTTPD_USERS
AuthzSendForbiddenOnFailure On
Satisfy All
<RequireAll>
Require valid-user
Require expr req('ALLOW') == '1'
</RequireAll>
${SVN_PATH_AUTHZ_LINE}
</Location>
</IfModule>
RedirectMatch permanent ^/svn-test-work/repositories/REDIRECT-PERM-(.*)\$ /svn-test-work/repositories/\$1
RedirectMatch ^/svn-test-work/repositories/REDIRECT-TEMP-(.*)\$ /svn-test-work/repositories/\$1
__EOF__
START="$HTTPD -f $HTTPD_CFG"
printf \
'#!/bin/sh
if [ -d "%s" ]; then
printf "Stopping previous HTTPD instance..."
if %s -k stop; then
# httpd had no output; echo a newline.
echo ""
elif [ -s "%s" ]; then
# httpd would have printed an error terminated by a newline.
kill -9 "`cat %s`"
fi
fi
' >$STOPSCRIPT "$HTTPD_ROOT" "$START" "$HTTPD_PID" "$HTTPD_PID"
chmod +x $STOPSCRIPT
$START -t \
|| fail "Configuration file didn't pass the check, most likely modules couldn't be loaded"
# need to pause for some time to let HTTPD start
$START &
sleep 2
say "HTTPD started and listening on '$BASE_URL'..."
#query "Ready" "y"
# Perform a trivial validation of our httpd configuration by
# downloading a file and comparing it to the original copy.
### The file at the path "/cfg" can't be retrieved from Apache 2.3+.
### We get a 500 ISE, with the following error in the log from httpd's
### server/request.c:ap_process_request_internal():
### [Wed Feb 22 13:06:55 2006] [crit] [client 127.0.0.1] configuration error: couldn't check user: /cfg
HTTP_FETCH=wget
HTTP_FETCH_OUTPUT="--no-check-certificate -q -O"
type wget > /dev/null 2>&1
if [ $? -ne 0 ]; then
type curl > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "Neither curl or wget found."
fi
HTTP_FETCH=curl
HTTP_FETCH_OUTPUT='-s -k -o'
fi
$HTTP_FETCH $HTTP_FETCH_OUTPUT "$HTTPD_CFG-copy" "$BASE_URL/cfg"
diff "$HTTPD_CFG" "$HTTPD_CFG-copy" > /dev/null \
|| fail "HTTPD doesn't operate according to the generated configuration"
rm "$HTTPD_CFG-copy"
say "HTTPD is good"
if [ $# -eq 1 ] && [ "x$1" = 'x--no-tests' ]; then
echo "http://localhost:$HTTPD_PORT/svn-test-work/repositories"
exit
fi
if [ $# -eq 1 ] && [ "x$1" = 'x--gdb' ]; then
echo "http://localhost:$HTTPD_PORT/svn-test-work/repositories"
$STOPSCRIPT && gdb -silent -ex r -args $START -X
exit
fi
if type time > /dev/null; then
TIME_CMD=time
else
TIME_CMD=""
fi
MAKE=${MAKE:-make}
say "starting the tests..."
CLIENT_CMD="$ABS_BUILDDIR/subversion/svn/svn"
if [ "$HTTP_LIBRARY" = "" ]; then
say "Using default dav library"
"$CLIENT_CMD" --version | egrep '^[*] ra_(neon|serf)' >/dev/null \
|| fail "Subversion client couldn't find and/or load ra_dav library"
else
say "Requesting dav library '$HTTP_LIBRARY'"
"$CLIENT_CMD" --version | egrep "^[*] ra_$HTTP_LIBRARY" >/dev/null \
|| fail "Subversion client couldn't find and/or load ra_dav library '$HTTP_LIBRARY'"
fi
if [ $# = 0 ]; then
$TIME_CMD "$MAKE" check "BASE_URL=$BASE_URL" $SSL_MAKE_VAR
r=$?
else
(cd "$ABS_BUILDDIR/subversion/tests/cmdline/"
TEST="$1"
shift
$TIME_CMD "$ABS_SRCDIR/subversion/tests/cmdline/${TEST}_tests.py" "--url=$BASE_URL" $SSL_TEST_ARG "$@")
r=$?
fi
say "Finished testing..."
kill $(cat "$HTTPD_PID")
query 'Browse server access log' n \
&& less "$HTTPD_ACCESS_LOG"
query 'Browse server error log' n \
&& less "$HTTPD_ERROR_LOG"
query 'Delete HTTPD root directory' y \
&& rm -fr "$HTTPD_ROOT/"
say 'Done'
exit $r
|